Releases: cloudflare/vibesdk
Releases · cloudflare/vibesdk
v1.5.0
1.5.0 (2026-02-03)
Features
- add app visibility check for preview deployment (3c4f203)
- add phase timeline change subscription and event handling (a1c7404)
- add phase timeline change subscription and event handling (f8b14cd)
- enhance rate limit result with exceeded limit details and limit values (aceac60)
- enhance rate limit result with exceeded limit details and limit values (721b9e8)
- enhance type exports and improve utility functions for better type safety (47eba5f)
- expand drizzle types script on sdk bundle (96b709e)
- expand drizzle types script on sdk bundle (33eb39f)
- implement phase timeline management and state tracking in SDK (dbcf51f)
- implement WebSocket ticket authentication and management system (1fe8640)
- integration tests with worker (f565aff)
- integration tests with worker (a68d9cb)
- readme update (33f72ab)
- refactor client methods to include app management functionalities (b9f0416)
- sdk tests (a841168)
- sdk ws ticket auth and auto reconnect (932271f)
- update model configurations and enhance inference handling (f7960d5)
- use original worker types in sdk (6745f04)
- use original worker types in sdk (0bc7db9)
- wrap global fetch to preserve context in Workers runtime (b7be5db)
Bug Fixes
v1.4.0
Release v1.4.0
Highlights
- New Client SDK: Full TypeScript SDK (
@cf-vibesdk/sdk) for programmatic interaction with the platform, enabling headless automation, CI/CD integration, and third-party tooling (#277) - Zero-Knowledge Vault: End-to-end encrypted user secrets storage with Argon2id/WebAuthn PRF key derivation for secure API key management (#267)
- Enhanced Code Generation Safety: Pre-deploy AST-based static analysis detects and auto-fixes common React antipatterns like render loops and unstable selectors (#267)
- Gemini 3 Flash Support: New model option with optimized prompts for improved performance and reduced token costs (#274)
Changes
SDK
- Added TypeScript Client SDK with
VibeClient,PhasicClient, andAgenticClientclasses for programmatic platform access (#277) - Implemented
BuildSessionfor WebSocket session management with auto-reconnect and exponential backoff (#277) - Added
WorkspaceStorefor local file state synchronization andSessionStateStorefor reactive state management (#277) - Added HTTP retry logic with exponential backoff and jitter to prevent thundering herd scenarios (#282)
- Improved resource cleanup with
clear()methods across SDK stores to prevent memory leaks (#282) - Added blueprint parsing utilities (
BlueprintStreamParser,blueprintToMarkdown) for handling streaming JSON/Markdown (#267) - Added Node.js support via WebSocket shim (#277)
Worker / API
- Vault System: New
UserSecretsStoreDurable Object for encrypted server-side storage with key rotation support (#267) - Screenshot Rendering: Added retry mechanism with blank screenshot detection using entropy analysis; improved page load detection (#283, #284)
- Query Validation: Added 20,000 character limit on agent queries with clear error messages (#275)
- Command Output: Truncated exec command output to 1,000 characters to prevent token overflow (#267)
- Inference Context Refactor: Separated persistent metadata from runtime state to prevent accidental serialization of API keys (#276)
- New Models: Added Claude 4.5 Opus, Grok 4.1 Fast, and Qwen 3 Coder 480B model definitions (#267)
- Replaced CLI token authentication with SDK API key management system (#267)
- Changed preview domain to cloudflarepreviews.net (#267)
Frontend
- Vault UI: Added VaultSetupWizard, VaultUnlockModal, SecretsManager, and related components for vault management (#267)
- API Keys UI: Comprehensive API key management interface with create/revoke/list functionality (#267)
- Feature Registry: Introduced feature registry/provider with lazy-loaded modules for better project type decoupling (#267)
- Improved legacy chat stability and preview rendering with proper state normalization (#267)
- Fixed duplicate agent session creation during rerenders (#272)
- Removed redundant width/height styles from preview iframe (#267)
Agent / Prompts
- Added pre-deploy safety gate with AST analysis using
@babel/traversefor detecting React antipatterns (#267) - Detects: infinite render loops, missing useEffect dependencies, unstable store selectors, module-level JSX (#267)
- Implements deterministic fixes for common patterns without LLM invocation (#267)
- Phase implementation prompt rewrite (v78) with condensed guidelines and clearer examples (#274)
- Reduced max phases from 12 to 10 for tighter project scope (#267)
- Improved phase context by showing only last phase with full details (#267)
- Added common pitfalls and dependency documentation to prompts (#267)
Sandbox / Containers
- Improved process monitoring with HTTP health probes instead of lsof (#269)
- Better process group handling with detached mode for clean termination (#269)
- Added port failure threshold tracking for more reliable restarts (#269)
Tooling / CI
- AI Changelog Workflow: Dedicated
ai-changelog.ymlfor automated release notes generation (#271) - Issue Auto-fix: New
claude-issue-autofix.ymlwith trusted actor gating and security controls (#266) - PR Reviews: Enhanced Claude review workflow with comment-based triggers, sticky comments, and fork detection (#266)
- Added concurrency controls and security constraints across workflows (#266)
- Added
release-livedeployment workflow for release branch deployments (#267) - Optimized pre-commit hooks with selective typecheck and test filtering (#267)
- Added integration test controls with
VIBESDK_RUN_INTEGRATION_TESTSenvironment variable (#277) - Improved cryptographic security with rejection sampling for unbiased RNG in recovery codes (#267)
Documentation
Bug Fixes
- Fixed duplicate agent session creation race condition during rerenders (#272)
- Fixed preview switching logic for phasic vs agentic behavior types (#274)
- Fixed Babel traverse import compatibility for safety gate (#267)
- Fixed shell safety and variable handling in Claude reviews workflow (#267)
- Improved error handling in vault-context unlock flow (#267)
- Fixed file broadcast to use safeFiles instead of finalFiles during phase implementation (#267)
Statistics
- 308 files changed, 32,617 insertions, 11,606 deletions
- Major areas: SDK (new package), Worker agents and operations, Frontend components and features, CI/CD workflows, Container monitoring
v1.3.0
v1.2.0
1.2.0 (2025-11-30)
Features
- add agent-specific model constraints and refactor generation (3f9ccf7)
- Cost optimizations via model configs and prompt improvements (#247) (2b3a901)
- enhance changelog generation with detailed PR and commit data (8950852)
- improve template selection reliability and prompt clarity (8ed1a08)
- prompt tuning for shorter blueprints (e9041f1)
- rewrite process monitoring and error handling (b0db701)
- upgraded to sandbox sdk version 0.5.2 (9f9cc7a)
Bug Fixes
- add additional ownership verification checks (b74a645)
- added instructions for token creation (3544038)
- added instructions for token creation (f7cc7ea)
- added instructions for token creation (ea3f110)
- better stale comment removal + correct YAML string escaping (834cffa)
- cleanup chat.tsx for build (670c8d6)
- don't wait for runtime errors if app not deployed (0dd3e7e)
- dont clear runtime errors on executeDeepDebug (1eda73e)
- prevent race condition in code generation state (188ba0d)
- typeScript features configurable to reduce memory (d3f984c)
- unescape commit messages before git operations (d51310b)
v1.1.0
v1.0.0
1.0.0 (2025-11-03)
Features
- add abort signal support to inference operations (f3e545e)
- add actionKey tracking for inference calls and rate limiting (226441e)
- add app visibility toggle and shareable link functionality to deployment controls (692215d)
- add auto-scroll behavior to chat messages container (6919820)
- add automated PR description generation workflow (3c81d5d)
- add automated PR workflows and commit validation (5ba22fc)
- add better streaming tool call accumulation and debug logging (67360fe)
- add bootstrap script and template customization (1fa893f)
- add conciseness requirement to agent instructions (262d48f)
- add conversation reset functionality with confirmation dialog (5ebb714)
- add Custom style option to template selector (76a4960)
- add deep debug session management with state persistence and wait tools (e60694f)
- add deep debugger transcript UI with collapsible tool results (95ed92f)
- add deploy to Cloudflare button in phase timeline header (bea0bcd)
- add diff toggle option to git show command (2657ba9)
- add discover nudge UI with arrow and font styling (a33f29b)
- add duration filter option for log retrieval in sandbox (4579da2)
- add dynamic platform status banner with changelog dialog in global header (2f24af2)
- add ESM module support and improve error handling in worker deployment (dc2ee30)
- add exponential backoff and max retries constant for deployment failures (cbf1220)
- add force refresh mechanism for preview deployments (796e34d)
- add generate_files tool for creating new files and full rewrites (52d917f)
- add Git clone functionality for repositories (d7532f2)
- add git clone protocol support with template rebasing (6005c4d)
- add git version control tools and enhance debugging system (f6b6b00)
- add GitHub Actions for issue triage + improved code-review (d42f805)
- add in-memory caching for git clone operations with 5s TTL (263ac37)
- add incremental GitHub sync with commit history preservation (4785472)
- add indexes for app views and stars by app_id and timestamp (87dedbe)
- add inference cancellation support with AbortController (6e752c2)
- add issues field to DeterministicCodeFixCompletedMessage interface (f7689fd)
- add latest Gemini model variants (134f518)
- add latest Gemini model variants and reorganize AI model enum groupings (a6a2b5d)
- add llm.md and update claude.md using it (a1e90dd)
- add localhost:8787 to allowed CORS origins in dev environment (88c1919)
- add log file extractor tool and nanoid dependency (0b12d76)
- add option to suppress error toasts in API client requests (e490280)
- add persistent command execution in sandbox environment (7d02a43)
- add preview expiration handling and update deployment messaging (74b16da)
- add previous debug session context and improve error handling in debugging tools (45ac910)
- add project name generation and config file updates (a948e62)
- add pulsing edge animation to indicate active phase progress (49daa1d)
- add read-only mode for agent initialization (7f83e19)
- add retry logic for process health check in sandbox service (3284afe)
- add retry mechanism for sandbox deployment failures with max 3 attempts (1c110e0)
- add safe JSON stringification with circular reference and Error object handling (6e6dcd2)
- add Sentry frontend integration (72455ff)
- add Sentry frontend integration (c6755a2)
- add sort persistence and auto-collapse sidebar on new build (332041a)
- add stop generation button and handle cancelled state in phase timeline (3cd7cab)
- add streaming support to deep debugger and enhance logs tool with truncation (1bdb1e7)
- add support for backward compatibility flags in templates (506a7ca)
- add support for separate preview domain in deployment system (057ffa5)
- add support for user-suggested phase generation and forbid image generation (0ab6501)
- add timeout handling and force redeploy option (d2543d5)
- add tool depth limit and conversation context compactification (5ba30b9)
- add tool result field to websocket messages and update event handling (41fab81)
- add uploads routes + fix filename in r2 (6a41be1)
- add wait_for_generation tool and enhance tool call result handling (92f4e0e)
- add WebSocket support for sandbox proxy (9d9d60b)
- add WebSocket support for sandbox proxy (72538be)
- add word counter and 4000 word limit to chat input (33f5f50)
- added cloudflared tunnels for local dev + docs ([745cd2a](745cd2ac8893c44...